Windows UPnP Device Host Elevation of Privilege Vulnerability

Untrusted pointer dereference in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges locally...

Windows Win32k Elevation of Privilege Vulnerability

Untrusted pointer dereference in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally...

Windows UPnP Device Host Elevation of Privilege Vulnerability

Untrusted pointer dereference in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges locally...

Windows Sensor Data Service Elevation of Privilege Vulnerability

Untrusted pointer dereference in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally...

Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability

Untrusted pointer dereference in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to bypass a security feature locally...

Microsoft SQL Server Remote Code Execution Vulnerability

Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network...

Windows Redirected Drive Buffering System Denial of Service Vulnerability

Null pointer dereference in Windows Redirected Drive Buffering allows an authorized attacker to deny service locally...

Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability

Null pointer dereference in Windows Local Security Authority Subsystem Service LSASS allows an unauthorized attacker to deny service over a network...

Security update for libpng16

This update for libpng16 fixes the following issues: CVE-2026-33416: use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE can lead to arbitrary code execution bsc1260754. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupda...

SUSE-SU-2026:1323-1 Security update for libpng16

This update for libpng16 fixes the following issues: - CVE-2026-33416: use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE can lead to arbitrary code execution bsc1260754...

Security update for libpng16

This update for libpng16 fixes the following issue: CVE-2026-33416: use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE can lead to arbitrary code execution bsc1260754. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdat...

SUSE CVE-2026-5745

A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function. When processing a malformed ACL string such as a bare "d" or "default" tag without subsequent fields, the function fails to perform...

SUSE CVE-2026-6068

NASM contains a heap use after free vulnerability in response file -@ processing where a dangling pointer to freed memory is stored in the global dependfile and later dereferenced, as the response-file buffer is freed before the pointer is used, allowing for data corruption or remote code executi...

CLSA-2025-1757947429 libreswan: Fix of CVE-2023-38711

CVE-2023-38711: fix a NULL pointer dereference in IKEv1 Quick Mode with IDIPV4ADDR/IDIPV6ADDR that causes a crash and restart of the pluto daemon when it receives an IDcr payload with IDFQDN...

net/sched: cls_fw: fix NULL pointer dereference on shared blocks

...

net/sched: cls_flow: fix NULL pointer dereference on shared blocks

...

PT-2026-32803

Name of the Vulnerable Software and Affected Versions Windows Universal Plug and Play UPnP Device Host affected versions not specified Description An untrusted pointer dereference in the Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges locally...

ROS-20260414-73-0060

A vulnerability in the ovlpermission function of the fs/overlayfs/inode.c module of the Overlayfs file system of the Linux kernel is related to NULL pointer dereferencing. Exploitation of the vulnerability may allow an attacker to affect confidentiality, integrity and availability of protected...

PT-2026-32739

Name of the Vulnerable Software and Affected Versions Windows Sensor Data Service affected versions not specified Description An untrusted pointer dereference in the Windows Sensor Data Service allows an authorized attacker to elevate privileges locally, which can affect the system. Recommendatio...

PT-2026-32878

Name of the Vulnerable Software and Affected Versions Microsoft 365 Apps for Enterprise versions 16.0.1 through 16.0.1 Description Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally by tricking a user into opening a malicious document...